567902f084dba5f257b78bb930e8c8b2b50854a9310c9816f2e9d7823022658f[.]bin | Triage

Resubmissions

09/06/2024, 23:33

240609-3j2ecahb26 7

09/06/2024, 23:24

240609-3dw8fagh74 7

Sharing

Copy URL Twitter E-mail

General

Target

567902f084dba5f257b78bb930e8c8b2b50854a9310c9816f2e9d7823022658f.bin
Size

38KB
MD5

72a22077e6cd1d091cf9b66dd287c703
SHA1

4c178e1c1f30752505829e441ed0552a4e5dca82
SHA256

567902f084dba5f257b78bb930e8c8b2b50854a9310c9816f2e9d7823022658f
SHA512

52879ac870a52333ab1feaf2dff523ff759d39530d95bdfa655d6eaf4273bfdb08ae07b97a92983dc09087f0d6b97232c711b009fe6ccf3389c4ec6e97860c8b
SSDEEP

384:sA5gl6WoJSXddL6/w8RIyLOooynR4M4CxXqSgz8Jvrnm49B1XbVTYckWncaZGws7:sA5kE/wPybR4xgpT1TX/s7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
567902f084dba5f257b78bb930e8c8b2b50854a9310c9816f2e9d7823022658f.bin

Files

567902f084dba5f257b78bb930e8c8b2b50854a9310c9816f2e9d7823022658f.bin
.exe windows:4 windows x86 arch:x86

9f800d92a0d453e9e6d354ab02e186a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetStartupInfoW
CopyFileA
GetCurrentProcessId
WriteProfileSectionA
ReleaseMutex
VirtualAlloc
GetCommandLineW
OpenMutexA
EnumTimeFormatsA
GetACP
GetOEMCP
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetStartupInfoA

advapi32

GetSecurityDescriptorControl
GetSecurityDescriptorGroup

Exports

Exports

BeginXuugbiitr
Ynceirqmp
EndCplhwqsix

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ